Physical Unclonable Functions (PUFs) Overview

Updated 15 April 2026

Physical Unclonable Functions (PUFs) are hardware-based elements that generate unique, deterministic responses from uncontrollable manufacturing variations.
PUFs are utilized for secure authentication, key extraction, and random number generation in diverse systems including silicon, optical, and quantum architectures.
Evaluation of PUFs relies on metrics like reproducibility, uniqueness, and unpredictability, while ongoing research addresses integration challenges and resilience against machine learning attacks.

A Physical Unclonable Function (PUF) is a physical entity that, due to uncontrollable manufacturing or assembly variations, implements a deterministic but device-unique mapping from input challenges to output responses. This intrinsic unpredictability, combined with the inability to replicate the mapping either physically or mathematically even by the original manufacturer, underpins fundamental primitives for secure identification, key generation, and cryptographic authentication in hardware systems (Plaga et al., 2015, Plaga et al., 2012, Garcia-Bosque et al., 2024). PUFs manifest in diverse materials and architectures—ranging from silicon microelectronics and optical structures to emerging nanoscale, molecular, and quantum systems—where their security and utility are quantified rigorously via reproducibility, uniqueness, unpredictability, and resistance to cloning. This encyclopedic article surveys the definitions, structural archetypes, metrics, construction methodologies, and current research challenges associated with PUFs, grounded in recent and foundational literature.

1. Formal Definitions, Security Mechanisms, and Classification

A PUF is formally modeled as a physical system implementing a function

$f_\mathrm{PUF} : \mathcal{C} \to \mathcal{R}$

where $\mathcal{C}$ is a set of input challenges (e.g., bitstrings, waveforms, optical field patterns), and $\mathcal{R}$ is the set of output responses (e.g., bitstrings, analog features). The crucial characteristics are (Plaga et al., 2012, Plaga et al., 2015):

Non-constancy with respect to challenges: $f_\mathrm{PUF}(C)$ changes for different $C \in \mathcal{C}$ .
Physical inseparability of storage and security: The mechanism impeding duplication is inherent to the storage/response process itself, not added as an external layer (Plaga et al., 2015).

PUFs are classified by their security objectives and mechanisms. Objectives distinguish whether prevention of physical duplication (replication of physical structure) or mathematical duplication (reproduction of input-output mapping) is targeted. Mechanisms include (Plaga et al., 2015):

Complex Structure (CS): Fabrication-induced complexity (e.g., random nanostructures).
No-Cloning Physics (NC): Fundamental laws (e.g., quantum no-cloning) prevent replication.
Cryptostorage: Security achieved via minimum readout time (MRT) or erasure-upon-readout (EUR) (Plaga et al., 2012).

A distinction is drawn between PUFs (implementing the mapping with an inseparable mechanism) and secure/unclonable PUFs (where duplicating $f_\mathrm{PUF}$ is computationally or physically infeasible for all but a negligible fraction of challenges).

2. Essential Metrics and Evaluation Methods

PUFs are quantitatively evaluated using device-ensemble and intra-device comparisons, leveraging Hamming distance and entropy-based metrics (Garcia-Bosque et al., 2024, Knechtel et al., 2019, Garrard et al., 3 Oct 2025):

Metric	Definition	Ideal Value
Reproducibility ( $E_\mathrm{intra}$ )	Consistency of $f_\mathrm{PUF}(C)$ for repeated $C$ on same device	$0$
Uniqueness ( $\mathcal{C}$ 0)	Dissimilarity between devices under same $\mathcal{C}$ 1	$\mathcal{C}$ 2 (normalized)
Unpredictability (min-entropy $\mathcal{C}$ 3)	Difficulty of guessing $\mathcal{C}$ 4 for unknown $\mathcal{C}$ 5	$\mathcal{C}$ 6 (per bit)
Uniformity	Bias in fraction of ‘1’s across outputs	$\mathcal{C}$ 7

Mathematically, for $\mathcal{C}$ 8-bit responses $\mathcal{C}$ 9, $\mathcal{R}$ 0:

$\mathcal{R}$ 1

Min-entropy per output bit,

$\mathcal{R}$ 2

Further, metrics such as diffuseness (challenge-to-response decorrelation), bit-aliasing (per-bit bias), reliability (bit-flip probability under environmental drift), FAR/FRR (false acceptance/rejection) inform suitability for practical applications (Korenda et al., 2019, Kavehei et al., 2013, Garrard et al., 3 Oct 2025).

3. Established and Emerging PUF Architectures

3.1 Microelectronic, Delay, and Memory-PUFs

Arbiter and Delay-Based PUFs: Leverage device-specific gate or wire delays induced by fabrication, with configurations such as Arbiter PUF, Barrel-Shifter PUF, and ring-oscillator PUFs (Wang et al., 2017, Guo et al., 2017, Garcia-Bosque et al., 2024).
UNBIAS PUF: Introduces a metastability-free, bias-agnostic strong PUF by using counters on delay chains and extracting the "inspection bit" to mitigate layout and process bias (Wang et al., 2017).
SRAM PUFs: Use the asymmetric power-up states of SRAM cells; responses are filtered using ternary (strong/weak/unstable) state labeling, with error correction via fuzzy extractors (BCH, Polar codes) (Korenda et al., 2019).
DRAM Latency PUFs (EPUF): Induce and capture deterministic bit-flip patterns by timing violations; extract robust signatures using per-row entropy quantization and helper-data masking, yielding 100% reliability and >47% uniqueness (Najafi et al., 2023).
ReRAM/memristive PUFs: Utilize device-to-device resistance variations in preformed or unformed ReRAM or crossbar memristor arrays to generate exponentially large CRP spaces with sub-0.1% BER and uniqueness ~50% (Garrard et al., 3 Oct 2025, Kavehei et al., 2013).

3.2 Nanoscale, Optical, and Molecular PUFs

Optical/Plasmonic PUFs (peo-PUF): Harness Kerr nonlinearity in silicon disc resonators loaded with randomly placed plasmonic NPs, producing extremely sensitive, reproducible spectral fingerprints ( $\mathcal{R}$ 3 bit/bit entropy, inter-FHD $\mathcal{R}$ 450%) (Knechtel et al., 2019).
Carbon Nanotube (SWCNT) PUFs: Arrays of SWCNT junctions assembled by dielectrophoresis rely on stochastic chirality and defect distribution; normalized current rankings at multiple junctions provide >90% reliability and inter-HD $\mathcal{R}$ 50.51 (Burzurí et al., 15 Jan 2026).
Molecular MUX-Based PUFs: Map classical delay PUF principles onto chemical reaction networks where rate-constant variations act as disorder sources; simulations show $\mathcal{R}$ 6 stages yields high reliability and uniqueness (Ge et al., 2020).
Micromagnet Array PUFs: Fabricate random arrays of micron-scale ferromagnetic bars; optical readout via NV-diamond magnetometry yields entropy per bit close to unity, robust against remagnetization attacks for sufficiently dense/embedded arrays (Kehayias et al., 2020).

3.3 Dynamic and Chaotic PUFs

Hybrid Boolean Network (HBN) PUFs: Use large asynchronous logic gate networks in a transient chaotic regime; challenges and responses are $\mathcal{R}$ 7-bit vectors, with measured $\mathcal{R}$ 8, $\mathcal{R}$ 9, and super-exponential entropy scaling (Charlot et al., 2019).

3.4 Hyper and Quantum PUFs

Hyper PUFs (HPUF): Employ reversibly reconfigurable photonic structures (e.g., light-transformable polymer-dispersed liquid crystals), allowing the physical function to be switched among many distinct configurations, thus realizing a family of orthogonal PUF mappings per device (Nocentini et al., 2022).
Quantum PUFs & QR-PUFs: Secure by exploiting quantum no-cloning and measurement-induced collapse; unforgeability is characterized formally, with unitary quantum PUFs achieving quantum-selective unforgeability (but not existential) due to the universal emulation attack (Arapinis et al., 2019, Galetsky et al., 2022, Gianfelici et al., 2019, Plaga et al., 2012).

4. Unclonability, Threat Models, and Machine Learning Attacks

True unclonability requires the adversary, even with full device access, cannot construct a functionally equivalent $f_\mathrm{PUF}(C)$ 0 for more than a negligible fraction of $f_\mathrm{PUF}(C)$ 1. Imperfect implementations often fall to machine learning and reliability-based attacks:

Standard ML attacks exploit linear or additive delay models in silicon PUFs (e.g., learning the response function with supervised models).
Reliability-based ML attacks enhance power by exploiting unreliability or majority-voting outputs, revealing hidden correlations. Even majority voting with high repeats is now vulnerable via low-dimension high-fidelity (LDHF) representations; multi-task NNs can break PUFs with MV up to 50 (Li et al., 2024).
Countermeasures: Restrict repeated queries, obscure reliability metadata, employ fuzzy extractors and on-chip noise, or adopt architectures with uniform low unreliability (Li et al., 2024, Knechtel et al., 2019).
Quantum/optical PUFs inherit no-cloning (for quantum), or complex high-dimensional, nonlinear mappings (for optical/plasmonic), underpinning resistance to prevailing ML strategies; however, practical validation against advanced attacks remains an open domain (Knechtel et al., 2019, Nocentini et al., 2022).

5. Authentication, Key Generation, and Application Protocols

PUFs are deployed in diverse security protocols (Garcia-Bosque et al., 2024, Najafi et al., 2023, Korenda et al., 2019):

Lightweight mutual authentication: Controller and server share pre-enrolled challenge-response tuples, with session security based on one-time PUF-generated keys, hash-based verifications, and protocol-level replay protections (Najafi et al., 2023).
Key extraction: Fuzzy-extractor frameworks (secure sketch + randomness extractor) reconstruct a stable key from noisy PUF responses, leveraging ECC suitable to the underlying error model (e.g., BCH, Polar, concatenated codes) (Korenda et al., 2019).
Random number generation: Arbiter-based PUFs in nonlinear feedback shift registers (NFSR) yield high-throughput, NIST-test–certified TRNGs (Sadr et al., 2012).
Commutative encryption: BS-PUFs can act as commutative, invertible ciphers, enabling symmetric encryption protocols without stored keys (Guo et al., 2017).
Enrollment/verification protocols: Secure procedures enroll a database of challenge–response or helper-data pairs; subsequent verifications correct for noise and authenticate devices (Gianfelici et al., 2019, Najafi et al., 2023).
Quantum protocols: Reconfigurable or quantum PUFs enable quantum-secure authentication and multi-factor identification schemes (Arapinis et al., 2019, Nocentini et al., 2022).

6. Scalability, Integration, and Practical Considerations

Manufacturing compatibility: Silicon-photonics–based peo-PUFs are designed for standard CMOS/foundry processes with minimal overhead (Knechtel et al., 2019).
Device scalability: PUF architectures vary in CRP-space growth: $f_\mathrm{PUF}(C)$ 2 for ReRAM pairing, $f_\mathrm{PUF}(C)$ 3 for SRAM, up to $f_\mathrm{PUF}(C)$ 4 for strong delay/memristive PUFs (Garrard et al., 3 Oct 2025, Kavehei et al., 2013).
Enrollment cost and stability: Environmental variation (temperature, voltage, aging) introduces trade-offs; helper-data, adaptive schemes, and periodic re-enrollment may be required (Najafi et al., 2023, Korenda et al., 2019).
Throughput: Modern PUFs offer ms-to-ns response rates, with readouts amenable to integration with embedded systems, IoT microcontrollers, or high-rate random number generation (Garrard et al., 3 Oct 2025, Sadr et al., 2012).

7. Open Challenges and Future Directions

Major research challenges include:

Validation against advanced attacks: ML/model-building resistance (statistical and side-channel), especially for emerging memory and optical/chaotic PUFs (Knechtel et al., 2019, Li et al., 2024).
Integration with quantum security: Bridging classical and quantum PUF concepts, including robust physical realizations and exhaustive security evaluation against both conventional and quantum adversaries (Gianfelici et al., 2019, Arapinis et al., 2019, Nocentini et al., 2022).
Cryptostorage as a hardware primitive: Formalizing and developing PUF-based hardware analogs to cryptographic key storage and encryption (cryptostorage), with rigorous work-factor analysis (Plaga et al., 2015).
Architectural innovations: Dynamic, reconfigurable, and high-dimensional PUFs (e.g., Hyper PUFs, HBN-PUF, or multi-level optical PUFs) for enhanced entropy per area and adaptive security models (Charlot et al., 2019, Nocentini et al., 2022).
Standardization and evaluation: Establishing formal, technology-agnostic security frameworks encompassing classical and quantum PUFs, defining benchmarks and certification protocols for deployment in high-assurance environments (Gianfelici et al., 2019, Plaga et al., 2012).

PUFs continue to evolve as a crossroads between materials science, mesoscopic physics, hardware design, and modern cryptography, with strong theoretical underpinnings and intensifying relevance for secure edge computing, IoT, supply chain authentication, and foundational cryptographic protocols.